Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix for validating dm invite from your other installation #1520

Merged
merged 1 commit into from
Jan 17, 2025
Merged

fix for validating dm invite from your other installation #1520

merged 1 commit into from
Jan 17, 2025

Conversation

cameronvoell
Copy link
Contributor

@cameronvoell cameronvoell commented Jan 17, 2025
edited
Loading

Fixes a bug where dm invites were being treated invalid if they came from another installation associated with your inbox_id.

See updated logic with better comments:

libxmtp/xmtp_mls/src/groups/mod.rs

Lines 1705 to 1745 in a85d053

// 1) Check if the conversation type is DM
if metadata.conversation_type != ConversationType::Dm {
return Err(GroupError::Generic(
"Invalid conversation type for DM group".to_string(),
));
}
// 2) If `dm_members` is not set, return an error immediately
let dm_members = match &metadata.dm_members {
Some(dm) => dm,
None => {
return Err(GroupError::Generic(
"DM group must have DmMembers set".to_string(),
));
}
};
// 3) If the inbox that added this group is our inbox, make sure that
// one of the `dm_members` is our inbox id
if added_by_inbox == client.inbox_id() {
if !(dm_members.member_one_inbox_id == client.inbox_id()
|| dm_members.member_two_inbox_id == client.inbox_id())
{
return Err(GroupError::Generic(
"DM group must have our inbox as one of the dm members".to_string(),
));
}
return Ok(());
}
// 4) Otherwise, make sure one of the `dm_members` is ours, and the other is `added_by_inbox`
let is_expected_pair = (dm_members.member_one_inbox_id == added_by_inbox
&& dm_members.member_two_inbox_id == client.inbox_id())
|| (dm_members.member_one_inbox_id == client.inbox_id()
&& dm_members.member_two_inbox_id == added_by_inbox);
if !is_expected_pair {
return Err(GroupError::Generic(
"DM members do not match expected inboxes".to_string(),
));
}

@cameronvoell Graphite App
Copy link
Contributor Author

This stack of pull requests is managed by Graphite. Learn more about stacking.

@cameronvoell cameronvoell marked this pull request as ready for review January 17, 2025 22:14
@cameronvoell cameronvoell requested a review from a team as a code owner January 17, 2025 22:14
@cameronvoell cameronvoell merged commit d67625b into main Jan 17, 2025
12 checks passed
@cameronvoell cameronvoell deleted the cv/01-17-fix_for_validating_dm_invite_from_your_other_installation branch January 17, 2025 22:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nplasterer nplasterer nplasterer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cameronvoell @nplasterer